I have found a router on the net that did not require of me a password to access any module in it's navigation bar. Other routers with the exact same firmware and model, however, did. So I supposed that the admin forgot to put a password.
So I tried to make some changes to the router but when I click apply it tells me the following:
Firefox can't establish a connection to server 192.168.1.251
Now this LAN IP is a bit out of range. Usually most LAN IP's range from 192.168.1.0-250.
so what do you think this is? Is it possible to get root on this router any way?
No password authentication but...
-
Lyecdevf
- cyber Idi Amin
- Posts: 1222
- Joined: 16 Mar 2006, 17:00
- 18
- Location: In between life and death.
- Contact:
No password authentication but...
We will either find a way, or make one.
- Hannibal
- Hannibal
-
bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
hm, it's a little strange.....the web iface is available as public IP but when doing changes it uses the private IP... 
look if you can find and enable a "remote administration" option, but I guess it'll also switch to the private IP when you want to change the setting.....and in this case you have no chance, not even by spoofing the source IP because packets from/to private IPs are not routed on the internet.
the IP itself is not unusual, seems the owner simply changed it...between 0 and 254 everything is normal as last digit, only 255 would be strange because it's the broadcast adress.
what router/model is it btw?
look if you can find and enable a "remote administration" option, but I guess it'll also switch to the private IP when you want to change the setting.....and in this case you have no chance, not even by spoofing the source IP because packets from/to private IPs are not routed on the internet. the IP itself is not unusual, seems the owner simply changed it...between 0 and 254 everything is normal as last digit, only 255 would be strange because it's the broadcast adress.
what router/model is it btw?
a helpful tip is to search the manufactor website for the technical manual for that router.
I thought you were using the 192.168.1 only as an example, as that ip range is reserved for special purpose, usually in a classroom computer lab that range was used.
It is possible to not use passwords, but other trusted means of authentication, computers can do a handshake based on the machines ip or even mac addy - this is an example of physical security. That is why I found it laughable when I found the closet with the admin's console in a building - sometimes the admin user was still logged in!
oops got to go, wife is up!
DNR
I thought you were using the 192.168.1 only as an example, as that ip range is reserved for special purpose, usually in a classroom computer lab that range was used.
It is possible to not use passwords, but other trusted means of authentication, computers can do a handshake based on the machines ip or even mac addy - this is an example of physical security. That is why I found it laughable when I found the closet with the admin's console in a building - sometimes the admin user was still logged in!
oops got to go, wife is up!
DNR
-
Lyecdevf
- cyber Idi Amin
- Posts: 1222
- Joined: 16 Mar 2006, 17:00
- 18
- Location: In between life and death.
- Contact:
It is a hardware firewall I believe. I checked the site today and it says that it cost a $1000.
It is a called SME575 CyberGuard. It has a pretty cool firmware with loads of options.
So they have enabled routing to allow only 192.168.1.251 LAN IP to change it's settings. Oh, well it was worth a try!
It is a called SME575 CyberGuard. It has a pretty cool firmware with loads of options.
So they have enabled routing to allow only 192.168.1.251 LAN IP to change it's settings. Oh, well it was worth a try!
We will either find a way, or make one.
- Hannibal
- Hannibal